代码是没啥问题的..返回的都是内网的或者是 127.0.0.1
public static String getSpbillCreateIp(HttpServletRequest request) {
if (request == null) {
return null;
}
String ipString = request.getHeader("x-forwarded-for");
if (StringUtils.isBlank(ipString) || "unknown".equalsIgnoreCase(ipString)) {
ipString = request.getHeader("Proxy-Client-IP");
}
if (StringUtils.isBlank(ipString) || "unknown".equalsIgnoreCase(ipString)) {
ipString = request.getHeader("WL-Proxy-Client-IP");
}
if (StringUtils.isBlank(ipString) || "unknown".equalsIgnoreCase(ipString)) {
ipString = request.getRemoteAddr();
if(ipString.equals("127.0.0.1")) {
InetAddress inet=null;
try {
inet = InetAddress.getLocalHost();
} catch (UnknownHostException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
ipString = inet.getHostAddress();
}
}
// 多个路由时,取第一个非 unknown 的 ip
final String[] arr = ipString.split(",");
for (final String str : arr) {
if (!"unknown".equalsIgnoreCase(str)) {
ipString = ipString+" + " +str;
// break; } } // String ipString = request.getRemoteAddr(); return ipString; }
1
akira 2016-09-13 16:11:58 +08:00
在本机有放前端反代?
|
3
geeglo 2016-09-13 16:56:45 +08:00 via iPhone
你怎么测试的?
|
4
zhuangzhuang1988 2016-09-13 17:07:21 +08:00
dump 一下 header..
|
5
j8sec 2016-09-13 19:15:57 +08:00
你还不如用 js+webrtc 来获取呢
|
6
jackmasa 2016-09-13 19:52:12 +08:00
不要在本地跑这段代码。。。放服务器试试
|
7
SoloCompany 2016-09-13 22:49:05 +08:00
1. 那就不会直接把 header 全部 dump 出来看一眼么
2. 这样干很危险啊,也就是说默认允许伪造 ip 了 |
8
fatpa 2016-09-14 13:00:58 +08:00
nginx 配置问题
|